Medium Severity

IBM Security Bulletin: Open Source Apache Tomcat Vulnerabilities affect the IBM Emptoris Strategic Supply Management suite of products (CVE-2016-3092)

Share this post:

Open Source Apache Tomcat Vulnerabilities affect the IBM Emptoris Strategic Supply Management suite of products. The IBM Emptoris Strategic Supply Management Suite of products includes IBM Emptoris Contract Management, IBM Emptoris Sourcing, IBM Emptoris Spend Analysis and IBM Emptoris Program Management.

CVE(s): CVE-2016-3092

Affected product(s) and affected version(s):

IBM Emptoris Contract Management 9.5 through 10.1.x
IBM Emptoris Program Management 10.0.0 through 10.1.x
IBM Emptoris Sourcing 9.5 through 10.1.x
IBM Emptoris Spend Analysis 9.5 through 10.1.x
IBM Emptoris Supplier Lifecycle Management 10.0.0 through 10.1.x
IBM Emptoris Strategic Supply Management 10.0.0 through 10.1.x

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg22005604
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/114336

More stories

Security Bulletin: CVE-2014-3577 HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name

Aug 4, 2020 8:01 pm EDT | Medium Severity

CVE-2014-3577 HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name ...read more


Security Bulletin: CVE-2019-2949 may affect IBM® SDK, Java™ Technology Edition

Aug 4, 2020 8:00 pm EDT | Medium Severity

CVE-2019-2949 was disclosed in the Oracle October 2019 Critical Patch Update ...read more


Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Integration Bus and IBM App Connect Enterpise v11.

Aug 4, 2020 8:00 pm EDT | Medium Severity

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, used by IBM Integration Bus & IBM App Connect Enterprise v11. These issues were disclosed as part of the IBM Java SDK updates in April 2020. ...read more